Logo Questions Linux Laravel Mysql Ubuntu Git Menu
 

Java applet with self-signed certificate on OS X Mountain Lion

We have a Java applet that needs to run with full trust.

While developing and during pre-release tests we sign it using a self-signed certificate (the production version is signed with a real code signing certificte).

But when we try to start the self-signed applet on the prerelases of OS X 10.8, we can no longer choose to allow it to run. The "Allow"-button is simply disabled:

Disabled "Allow" button

If I press "Show Details..." I can choose to "Always trust" the certificate, but this makes no difference:

enter image description here

It works with the same version of the Java JRE on OS X Lion 10.7, so I suspect it is an issue with the OS and not the JRE.

Are there any workarounds?

I would prefer not to use a real code signing certificate for testing: signing with a real code signing certificate means that my company asserts that the applet is secure and should be trusted. We can hardly assert that before we have tested it.

like image 672
Rasmus Faber Avatar asked Jun 21 '12 11:06

Rasmus Faber


2 Answers

It is new security feature in Mac OS X, by default only apps from Mac Store & from trusted developers are allowed to run there. Fortunatelly, it is easy to change, you have to allow this in Mac OS X preferences.

Go to Preferences -> Security & Privacy and click on padlock to allow changes.

Then in "Allow appications downloaded from" select "Anywhere".

After that, the button in Java dialog will be enabled.

Mac OS X Security & Privacy Preferences

like image 68
sarsonj Avatar answered Nov 08 '22 22:11

sarsonj


If you get the "Application Blocked by Security Settings" message, you need to go into System Preferences: Java: Security and either add your site to the exception list or reduce the security level to Medium.

like image 5
user3220190 Avatar answered Nov 09 '22 00:11

user3220190